Newegg was cracked, customer data has leaked, and security is clearly scrambled | Computing

Credit Cards in Wallet
Chris Potter/Flickr

Technology fans hail Newegg as the ultimate online electronics retailer — but after a recent security breach, customers might be paying more than they thought. Newegg is one of a few companies to be hit by a bit of malicious code from hacking group Magecart, according to security firm RISKIQ. Shoppers who purchased from the online retailer might find their compromised.

According to the report, Magecart was able to gain access to Newegg's payment system; there, they installed malicious code into the company's payment system to intercept confidential data. Whether shopping from a desktop or mobile browser or using Newegg's iOS or Android apps, it is possible your credit card information may have been pinched.

RiskIQ notes that the malicious software infected Newegg's systems and had been running since August 14; it was removed over a month later, on September 18. If you purchased from the electronics retailer between those dates, it is essential to keep an eye on your credit cards for any fraudulent activity. Newegg has sent a notice to their customers, but it is unclear exactly how many individuals were affected by the malicious attack.

Newegg's email response to customers noted that their systems were indeed “injected with malware,” and that the company is currently investigating the incident. The company notes that the email was sent to users whose accounts they felt were “at risk” — most likely those who made purchases between the dates noted above. Newegg has announced that it will publish an FAQ by Friday that addresses concerns and questions customers may have about the incident.

Security at Volexity have investigated the Magecart attack, showcasing that the process was carried out by injecting malicious javascript into the source code of the retailer's website. ClearSky notes that access to such systems is typically gained by exploiting vulnerabilities in various web hosting platforms.

Newegg isn't the only company to find itself targeted by the notorious hacking group. Earlier this year, Magecart was behind hacking both British Airways and Ticketmaster's systems to steal customer credit data. In the first case, it was reported that the British Airways incident affected over 380,000 card transactions.

You might also like
Leave A Reply

Your email address will not be published.